Recommendations for Setting Up Winning Compliance Programs, Business Plans and Financial Pro Formas for Money Transmitter License Applications

Organizations seeking money transmitter licensure are expected by many state regulatory agencies (namely the large states such as California and New York), to provide a comprehensive written business plan and financial projections. Often, savvy corporate analysts in the regulatory agencies review these documents with a critical eye. Surety bond underwriters and bank account providers to the prospective licensee may also require this material to evaluate risk. Some prospective licensees have these documents, but they are developed for an investor or a sales pitch, which is different than appealing to a regulatory audience. Following are recommendations for building winning business plans and financial pro formas for license applications. The author managed strategy, licensing, and compliance and did significant fundraising work for a licensed money transmitter from its incorporation in 2003 until 2010, and thereafter has been a consultant to money transfer license seekers.

Consider including the following sections in your business plan:

As part of our work applying for and maintaining state license portfolios on behalf of clients, Chartwell Compliance can assist with developing or providing guidance on comprehensive business plans and pro formas. Our staff includes experienced veterans of both new and well-established licensed money transmitters, as well as former regulators and law enforcement professionals who have extensive backgrounds with money services businesses. Members of the team have worked for years at the intersection of corporate strategy, regulatory compliance, financial safety and soundness and financial crimes prevention.

Key Components for a Comprehensive Anti-Money Laundering, Office of Foreign Assets Control, and Consumer Compliance Program

In equal measure to a business plan and financials, state regulators judge the strength of a prospective money transmitter licensee by evaluating its Bank Secrecy Act / Anti-Money Laundering / Office of Foreign Assets Control (BSA/AML/OFAC) and consumer compliance written program, electronic systems and staff qualifications. A compliance program can be built specifically for an organization’s new subsidiary applying for licensure, and then synchronized with the parent company’s compliance program to ensure reasonable harmony and overall centralization. A program that meets regulatory requirements and best practices generally consists of the following components, produced roughly in the following sequence:

  1. BSA/AML/OFAC Risk Assessment: a risk assessment will consist of a written document, a data spreadsheet or both. This may or may not be sub-divided into multiple distinct risk assessments dealing with the company’s overall risk, product and service risk, agent risk, country risk and so forth. Risks will be weighted and scored in relation to one another, and measures will then be designed to mitigate the identified risks (e.g. enhanced due diligence). The implementation of those mitigants will be reflected in the risk-based compliance manual, policies and procedures and systems of the organization.
  2. BSA/AML/OFAC Compliance Manual: this document contains the organization’s policies, procedures and internal controls for managing compliance with BSA/AML/OFAC compliance requirements. There may be a companion manual for agent compliance management. The manual will contain many sections dealing with subjects such as know your customer; customer identification; training; independent testing; risk assessment; suspicious transaction monitoring and reporting; record keeping and case management; dealing with law enforcement requests; OFAC; due diligence and enhanced due diligence; compliance governance, staffing and reporting structure; and so forth.
  3. State and Federal Consumer Compliance Program: an organization will need to develop policies, procedures and electronic reporting systems to ensure systematic ongoing compliance with idiosyncratic state-by-state money transmitter regulations, as well as Federal rules such as the Electronic Fund Transfers Act (Regulation E); Unfair, Deceptive or Abusive Acts or Practices Act (UDAAP); and Gramm-Leach-Bliley (GLB) privacy policy provisions. The thrust of these regulations deals with but is far from limited to required receipt and social media disclosures; agent management; reporting; renewals; and maintaining prescribed financial thresholds. State and federal regulators of course intimately review BSA/AML/OFAC compliance as well.
  4. BSA/AML/OFAC and State Regulation Compliance Training: employees and directors of a licensee will be required by law to have BSA/AML/OFAC training on a periodic basis. The organization should also consider training on the varied requirements of each state and Federal consumer compliance regulations. The type and depth of training can be adapted to the types of employees being trained; compliance, risk management and financial personnel can, for example, merit more intensive training including case studies. Training may also cover settlement and reconciliation operations.
  5. Suspicious Activity and Watch List Monitoring System: an electronic system with customized rules, reporting and case management tools will be needed to detect and flag potentially suspicious transaction activity (e.g. structuring, aggregation or other unusual transaction patterns). A separate system will detect and warn about potential matches between customers and persons on OFAC’s specially designated nationals (SDN) watch list or Interpol lists. Both systems can be run on an automated or manual basis (the former option being more efficient) and either developed in-house as a proprietary asset or bought off-the-shelf (SDN watch tools such as World Check and Bridger Insight are commonplace; however, transaction monitoring software specific for money services businesses is not widely marketed by anyone and thus companies often buy the former and build the latter).
  6. BSA/AML/OFAC Diagnostic Assessment and Future Independent Testing: a periodic testing of BSA/AML/OFAC compliance by an independent party (generally an internal auditor or external consultancy) is recommended every 12-18 months (determined on a risk-basis) after starting regulated operations. This is also an expectation of state regulators and bank partners; Colorado even requires a diagnostic assessment (an independent review-lite) of organizations applying for licensure, even if the business is brand new.
  7. Assign Roles and Responsibilities: the company will need to delineate the responsibilities and lead persons for each of the tasks identified in the compliance program or related areas, such as but not limited to: day to day AML compliance; state and Federal examinations; independent review; training; due diligence and Know Your Customer/Customer Identification Programs (“KYC/CIP”); monitoring, reporting and record-keeping; financial reconciliation, settlement and segregation of funds; license and registration renewals, periodic and material event reporting, a consumer complaints contact; and so forth.

Chartwell Compliance has the country’s most experienced team of money services and emerging payments practitioners and provides exceptionally well-rounded services to support organizations with developing, reviewing and administering their BSA/AML/OFAC and consumer compliance programs. Chartwell also has well-developed alliances with providers of AML software.

Daniel Weiss is President & CEO of Chartwell Compliance and previously served as Chief Strategy and Compliance Officer of a licensed money transmitter, check casher and consumer lender for over seven years. He moderated a panel at Money2020 this year as well as spoke at MTRA. Please contact Daniel Weiss at  for more information.

Please wait...

Subscribe to our Technical Publication!

Want to be notified when Compass is published? Enter your email address and name below and sign up to our mailing list!
Please wait...

Download the PDF File